Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk released security updates this week to address a critical vulnerability in Splunk Enterprise, identified as CVE-2026-20253. This flaw allows unauthenticated attackers to perform arbitrary file operations, including remote code execution. The vulnerability has a severity rating of 9.8 out of 10 on the CVSS scoring system, indicating a critical risk. The affected versions of Splunk Enterprise are those below 10.2.4 and 10.0.7. Exploitation of this vulnerability could enable attackers to gain unauthorized access and control over affected systems without requiring any form of authentication. Splunk has provided patches and urges users to update their installations immediately to mitigate the risk of exploitation. The company has not disclosed specific instances of exploitation but is taking a proactive stance to secure its user base.